0

After finishing my test site and made sure it worked on the local server, i uploaded it to Heroku, and it seems like it's not responding to any GET requests from the site, and i get this error:

the server responded with a status of 403 (Forbidden).

it can't even load the pictures.

I think the problem is located on the way i config the app in the server.js. The site is built in this way:

-> public
  -> images
-> views
  main.html
-> server.js

and my server.js code is:

// Requirements
var express = require('express');
var cookieParser = require('cookie-parser');
var session = require('express-session');
var url = require('url');

var app = express();

// DB Requirements
var mongojs = require('mongojs');
var db = mongojs('mongodb://mysuername:password22@ds0000.mongolab.com:0000/name', ['usersData']);

//Starts listening for incoming connections
var server = app.listen(process.env.PORT || 80 , function (){
    var host = server.address().address;
    var port = server.address().port;
});

// Get the correct db for the users.
var usersData = db.collection('usersData');


Object.defineProperty(Object.prototype, "extend", {
    enumerable: false,
    value: function(from) {
        var props = Object.getOwnPropertyNames(from);
        var dest = this;
        props.forEach(function(name) {
                var destination = Object.getOwnPropertyDescriptor(from, name);
                Object.defineProperty(dest, name, destination);
        });
        return this;
    }
});

// set up standard headers
function setCORS(res) {
    res.setHeader("Access-Control-Allow-Origin", '');
    res.setHeader("Access-Control-Allow-Methods", "GET, POST, OPTIONS");
    res.setHeader("Access-Control-Allow-Credentials", "true");
    res.set({
        'Content-Type': 'application/json'
    });
}

// Set the session information.
app.use(express.static(__dirname + '/views'));
app.use(cookieParser());
app.use(session({
    secret: '1O2W',
    resave: true,
    saveUninitialized: true
}));
app.engine('html', require('ejs').renderFile);


// Main getter.
app.get('/', function (req, res) {
    res.render("main.html");
});

// Help page getter.
app.get("/help.html", function (req, res) {
    res.render("help.html");
});

// Partners page getter.
app.get("/partners.html", function (req, res) {
    res.render("partners.html");
});

// returns EVERYTHING the client needs when starting up with the user.
app.get('/me', function (req, res) {
    console.log("me request");
    setCORS(res);

    if (!req.session.user) {
        console.log("Error: user not logged in");
        res.send(403, { error: 'Need to login' });
        return;
    }
    console.log("req.session.user: " + req.session.user);

    // get the user
    db.usersData.findOne({ username: req.session.user }, function (err, user) {
        if (err || !user) console.log("db empty, nothing to cleanup");
        else {
            res.send(user);
        }
    });
});

// login with username and password
app.get('/login', function (req, res) {
    setCORS(res);
    var url_parts = url.parse(req.url, true);
    var query = url_parts.query;

    console.log(query);
    if (!query.user || !query.password) {
        res.send(500, { error: "request didn't contain username or password" });
        return;
    }
    // find the user
    db.usersData.findOne({ username: query.user }, function (err, user) {
        if (err || !user) {
            console.log("user " + query.user + " not found");
            res.send(403, { error: "bad username or password" });
            return;
        }
        // verify password
        if (user.password != query.password) {
            console.log("user " + query.username + " bad password - " + user.password + " != " + query.password);
            res.send(403, { error: "bad username or password :(" });
            return;
        }
        console.log("Loging in user: " + user.username + " password: " + query.password);
        req.session.user = user.username;

        res.send({ success: null });
    });
});

// Register a new user (save to the DB)
app.get('/signup', function(req, res){
    setCORS(res);
    var url_parts = url.parse(req.url, true);
    var query = url_parts.query;

    console.log(query);

    // Check that the user name is nt used.
    if (query.user) {
        db.usersData.findOne({username: query.user}, function (err, user) {
            console.log("trying to sign up user:" +  query.user);
            if (user) {
                console.log("Error: user already exists");
                res.send(403, {error: "User already exists."});
                return;
            } else if (err) {
                res.send({error: "mongoDB error"});
                return;
            } else {
                if (db.usersData.findOne(function(err, count) {
                    if (!query.user || !query.password) {
                        console.log("didn't receive user/password on signup");
                        res.send ({error : "no user or password"});
                        return;
                    } else {
                        // Create a new user with empty information.
                        var new_user = {
                            username: query.user,
                            password: query.password,
                            current: [],
                            history: [],
                            friends: [] };
                        db.usersData.save(new_user, function(err, saved) {
                            if( err || !saved ) {
                                console.log("User not saved");
                                res.send ({error : "can not write user to db"});
                                return;
                            }
                            else {
                                console.log("User saved");
                                console.log("Loging in user: " + new_user.username + "password: " + query.password);
                                req.session.user = new_user.username;
                                res.send ({success : "added user to db"});
                            }
                        }); 
                       }
                 }));
               }}); 
}});
);

Edit: my package.json is:

{
  "name": "w",
  "version": "0.1.0",
  "author": "AV",
  "description": "Site",
  "contributors": [
    "V",
    "A"
  ],
  "main": "./server.js",
  "keywords": [
    "w"
  ],
  "noAnalyze": true,
  "license": "Apache",
  "engines": {
    "node": ">=0.6.14"
  },
  "dependencies": {
    "ejs": "^2.3.1",
    "body-parser": "^1.14.0",
    "express": "~4.0.0",
    "mongojs": "1.2.1",
    "cookie-parser": "1.4.0",
    "express-session": "1.11.3"
  },
  "scripts": {
    "start": "node server.js"
  },
  "devDependencies": {},
  "repository": {
    "type": "git",
    "url": "git@heroku.com:w.git"
  }
}

Thanks!

asaf
  • 3
  • 2

1 Answers1

0

Make sure you have:

  • A package.json created with npm init, and then have installed all your dependencies as required.

  • A specified version of node on your package.json as:

    "engines": {
    "node": "0.10.x"
},

  • A Start script specified on your package, as scripts.start.

Also make sure you can start your app with heroku local web.

Read more about deploying node to Heroku here.

JCOC611
  • 19,111
  • 14
  • 69
  • 90
  • Did that now, still can't make the pictures show, and still get the 403 error. I'll add my package.json to the question. – asaf Oct 04 '15 at 19:39
  • @asaf also might be a good idea to look at the [logs](http://stackoverflow.com/questions/2671454/heroku-how-to-see-all-the-logs) – JCOC611 Oct 04 '15 at 19:42
  • @asaf sounds like your files might have the wrong permissions. If you can ssh into the heroku vm then do `ls -l` to check. – JCOC611 Oct 04 '15 at 19:52
  • the images permissions are: -rw-r--r-- for all of them. – asaf Oct 04 '15 at 20:01
  • Moved the images to the main.html folder solved the issue. Thanks! – asaf Oct 04 '15 at 22:55